Lucene search
WPScanVULNRICHMENT:CVE-2024-3239HistoryMay 13, 2024 - 6:00 a.m.
CVE-2024-3239 PostX < 4.0.2 - Contributor+ Stored XSS
2024-05-1306:00:01
WPScan
github.com
cve-2024-3239
post grid gutenberg blocks
wordpress blog plugin
stored xss
contributor+ role
security vulnerability
The Post Grid Gutenberg Blocks and WordPress Blog Plugin WordPress plugin before 4.0.2 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
CNA Affected
[
{
"vendor": "Unknown",
"product": "Post Grid Gutenberg Blocks and WordPress Blog Plugin ",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThan": "4.0.2"
}
],
"defaultStatus": "unaffected"
}
]Related
nvd
nvd
CVE-2024-3239
2024-05-14 15:40:31
wpexploit
wpexploit
PostX < 4.0.2 - Contributor+ Stored XSS
2024-04-22 00:00:00
wpvulndb
wpvulndb
PostX < 4.0.2 - Contributor+ Stored XSS
2024-04-22 00:00:00
cve
cve
CVE-2024-3239
2024-05-14 15:40:31
cvelist
cvelist
CVE-2024-3239 PostX < 4.0.2 - Contributor+ Stored XSS
2024-05-13 06:00:01
wordfence
wordfence
5.8 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Related for VULNRICHMENT:CVE-2024-3239